Jump to content


Photo
- - - - -

Linksys BEFSR41 router


  • Please log in to reply
7 replies to this topic

#1 unity

unity

    Ten Ten Three Two Three

  • Agents of the Revolution
  • 1,236 posts

Posted 27 November 2003 - 02:08 PM

Anyone have any knowledge on hacking a Linksys BEFSR41 router? When I say hacking, I mean getting root. I don't really know where to go for info, but I thought someone here might know. Basically, I have the IP of the router, and the router has a web-based configuration system that needs a username and password.

Anyone familier with this?

#2 jedibebop

jedibebop

    Dangerous free thinker

  • Members
  • 1,935 posts

Posted 27 November 2003 - 02:22 PM

when you login to a linksys router (like my own for example) you don't put a username, just a pass, and the default pass is admin

#3 greystatic

greystatic

    mad 1337

  • Members
  • 149 posts

Posted 27 November 2003 - 04:30 PM

there was a replacement Linux distro for use on one of the Linksys routers posted on /. a while back.. IIRC, it exploited something in the web interface (after you were logged in).

other than that, all of the exploits I know of merely allow you to bypass the basic auth, and are only an option when remote administration is turned on for the WAN side.

#4 unity

unity

    Ten Ten Three Two Three

  • Agents of the Revolution
  • 1,236 posts

Posted 27 November 2003 - 08:26 PM

Thanks.

#5 neuro

neuro

    biggest post whore in history

  • Members
  • 2,047 posts

Posted 27 November 2003 - 11:49 PM

there was a replacement Linux distro for use on one of the Linksys routers posted on /. a while back.. IIRC, it exploited something in the web interface (after you were logged in).

other than that, all of the exploits I know of merely allow you to bypass the basic auth, and are only an option when remote administration is turned on for the WAN side.

that was the linksys WRT54G, btw.

#6 GUEST_m2mike_***

GUEST_m2mike_***
  • Guests

Posted 15 December 2003 - 06:59 AM

Take a look at:

http://www.securitea...6H004156AO.html

Also, click this link while associated with it to test the linksys router:

http://192.168.1.1/G...d=admin&.xml=1>

I have had this work on a few occasions. That will reset the password to admin if the Linksys router in question is running a certain firmware version listed in the securiteam link. You may need to change the above link so it says Gozilla. That's two L's instead of one.

Search securiteam for more linksys router exploits.

Hope this helps.

#7 nick84

nick84

    Member

  • Agents of the Revolution
  • 1,680 posts
  • Gender:Male

Posted 16 December 2003 - 06:09 PM

I can confirm the above as working on my Linksys running

Firmware Version:      1.44.3, Feb 13 2003



#8 blakmac

blakmac

    SUP3R 31337 P1MP

  • Members
  • 282 posts
  • Location:/tx/southeast

Posted 16 December 2003 - 10:56 PM

i believe that works on the BEFSR11 as well. as for remote administration, it will not allow you to enable it unless you use something other than the default pass




BinRev is hosted by the great people at Lunarpages!